[tokkee]

tokkee.org

Code

projects / gosa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Some fixes when operating on loopback device.
[gosa.git] / gosa-si / new-gosa-si-client
diff --git a/gosa-si/new-gosa-si-client b/gosa-si/new-gosa-si-client
index d8cf9db2884841195eb6ccaa9b6d28de5fc5acb7..d24ced9d6426c21b331ab2267fa5044ad2233ba5 100755 (executable)
--- a/gosa-si/new-gosa-si-client
+++ b/gosa-si/new-gosa-si-client
@@ -43,15 +43,17 @@ use lib "/usr/lib/gosa-si/client/events";
 
 my ($cfg_file, %cfg_defaults, $foreground, $verbose, $pid_file, $procid, $pid, $log_file);
 my ($server_ip, $server_port, $server_key, $server_timeout, $server_domain);
-my ($client_ip, $client_port, $ldap_enabled, $ldap_config, $pam_config, $nss_config);
-
-my $server_address;
-my @servers;
-my $client_address;
-my $client_mac_address;
+my ($client_ip, $client_port, $client_mac_address, $ldap_enabled, $ldap_config, $pam_config, $nss_config);
 my $xml;
 my $default_server_key;
 my $event_hash;
+my @servers;
+
+# globalise variables which are used in imported events
+our $cfg_file;
+our $server_address;
+our $client_address;
+our $server_key;
 
 # default variables
 our $REGISTERED_FLAG = 1;
@@ -64,6 +66,7 @@ our $REGISTERED_FLAG = 1;
 "client" => 
     {"client_port" => [\$client_port, "20083"],
      "client_ip" => [\$client_ip, "0.0.0.0"],
+     "client_mac_address" => [\$client_mac_address, "00:00:00:00:00:00:00"],
      "ldap" => [\$ldap_enabled, 1],
      "ldap_config" => [\$ldap_config, "/etc/ldap/ldap.conf"],
      "pam_config" => [\$pam_config, "/etc/pam_ldap.conf"],
@@ -114,6 +117,7 @@ sub check_cmdline_param () {
 #  DESCRIPTION: 
 #===============================================================================
 sub read_configfile {
+    my ($cfg_file, %cfg_defaults) = @_ ;
     my $cfg;
     if( defined( $cfg_file) && ( length($cfg_file) > 0 )) {
         if( -r $cfg_file ) {
@@ -272,38 +276,43 @@ sub get_interfaces {
 #  DESCRIPTION:  Uses ioctl to get mac address directly from system.
 #===============================================================================
 sub get_mac {
-    my $ifreq= shift;
-    my $result;
-    if ($ifreq && length($ifreq) > 0) { 
-        if($ifreq eq "all") {
-            if(defined($server_ip)) {
-                $result = &get_local_mac_for_remote_ip($server_ip);
-            } else {
-                $result = "00:00:00:00:00:00";
-            }
-        } else {
-            my $SIOCGIFHWADDR= 0x8927;     # man 2 ioctl_list
-
-                # A configured MAC Address should always override a guessed value
-                if ($client_mac_address and length($client_mac_address) > 0) {
-                    $result= $client_mac_address;
-                }
-
-            socket SOCKET, PF_INET, SOCK_DGRAM, getprotobyname('ip')
-                or die "socket: $!";
-
-            if(ioctl SOCKET, $SIOCGIFHWADDR, $ifreq) {
-                my ($if, $mac)= unpack 'h36 H12', $ifreq;
-
-                if (length($mac) > 0) {
-                    $mac=~ m/^([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])$/;
-                    $mac= sprintf("%s:%s:%s:%s:%s:%s", $1, $2, $3, $4, $5, $6);
-                    $result = $mac;
-                }
-            }
-        }
-    }
-    return $result;
+       my $ifreq= shift;
+       my $result;
+       if ($ifreq && length($ifreq) > 0) { 
+               if($ifreq eq "all") {
+                       if(defined($server_ip)) {
+                               $result = &get_local_mac_for_remote_ip($server_ip);
+                       } 
+                       elsif ($client_mac_address && length($client_mac_address) > 0){
+                               $result = &client_mac_address;
+                       } 
+                       else {
+                               $result = "00:00:00:00:00:00";
+                       }
+               } else {
+                       my $SIOCGIFHWADDR= 0x8927;     # man 2 ioctl_list
+
+                       # A configured MAC Address should always override a guessed value
+                       if ($client_mac_address and length($client_mac_address) > 0) {
+                               $result= $client_mac_address;
+                       }
+                       else {
+                               socket SOCKET, PF_INET, SOCK_DGRAM, getprotobyname('ip')
+                                       or die "socket: $!";
+
+                               if(ioctl SOCKET, $SIOCGIFHWADDR, $ifreq) {
+                                       my ($if, $mac)= unpack 'h36 H12', $ifreq;
+
+                                       if (length($mac) > 0) {
+                                               $mac=~ m/^([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])$/;
+                                               $mac= sprintf("%s:%s:%s:%s:%s:%s", $1, $2, $3, $4, $5, $6);
+                                               $result = $mac;
+                                       }
+                               }
+                       }
+               }
+       }
+       return $result;
 }
 
 
@@ -405,6 +414,147 @@ sub get_local_mac_for_remote_ip {
 }
 
 
+sub new_ldap_config {
+    my ($msg_hash) = @_ ;
+    my $element;
+    my @ldap_uris;
+    my $ldap_base;
+    my @ldap_options;
+    my @pam_options;
+    my @nss_options;
+    my $goto_admin;
+    my $goto_secret;
+    my $admin_base= "";
+    my $department= "";
+    my $unit_tag;
+
+    # Transform input into array
+    while ( my ($key, $value) = each(%$msg_hash) ) {
+       if ($key =~ /^(source|target|header)$/) {
+               next;
+       }
+
+       foreach $element (@$value) {
+               if ($key =~ /^ldap_uri$/) {
+                       push (@ldap_uris, $element);
+                       next;
+               }
+               if ($key =~ /^ldap_base$/) {
+                       $ldap_base= $element;
+                       next;
+               }
+               if ($key =~ /^goto_admin$/) {
+                       $goto_admin= $element;
+                       next;
+               }
+               if ($key =~ /^goto_secret$/) {
+                       $goto_secret= $element;
+                       next;
+               }
+               if ($key =~ /^ldap_cfg$/) {
+                       push (@ldap_options, "$element");
+                       next;
+               }
+               if ($key =~ /^pam_cfg$/) {
+                       push (@pam_options, "$element");
+                       next;
+               }
+               if ($key =~ /^nss_cfg$/) {
+                       push (@nss_options, "$element");
+                       next;
+               }
+               if ($key =~ /^admin_base$/) {
+                       $admin_base= $element;
+                       next;
+               }
+               if ($key =~ /^department$/) {
+                       $department= $element;
+                       next;
+               }
+               if ($key =~ /^unit_tag$/) {
+                       $unit_tag= $element;
+                       next;
+               }
+       }
+    }
+
+    # Unit tagging enabled?
+    if (defined $unit_tag){
+           push (@pam_options, "pam_filter gosaUnitTag=$unit_tag");
+           push (@nss_options, "nss_base_passwd  $admin_base?sub?gosaUnitTag=$unit_tag");
+           push (@nss_options, "nss_base_group   $admin_base?sub?gosaUnitTag=$unit_tag");
+    }
+
+    # Setup ldap.conf
+    my $file1;
+    my $file2;
+    open(file1, "> $ldap_config");
+    print file1 "# This file was automatically generated by gosa-si-client. Do not change.\n";
+    print file1 "URI";
+    foreach $element (@ldap_uris) {
+       print file1 " $element";
+    }
+    print file1 "\nBASE $ldap_base\n";
+    foreach $element (@ldap_options) {
+       print file1 "$element\n";
+    }
+    close (file1);
+    daemon_log("wrote $ldap_config", 5);
+
+    # Setup pam_ldap.conf / libnss_ldap.conf
+    open(file1, "> $pam_config");
+    open(file2, "> $nss_config");
+    print file1 "# This file was automatically generated by gosa-si-client. Do not change.\n";
+    print file2 "# This file was automatically generated by gosa-si-client. Do not change.\n";
+    print file1 "uri";
+    print file2 "uri";
+    foreach $element (@ldap_uris) {
+       print file1 " $element";
+       print file2 " $element";
+    }
+    print file1 "\nbase $ldap_base\n";
+    print file2 "\nbase $ldap_base\n";
+    foreach $element (@pam_options) {
+       print file1 "$element\n";
+    }
+    foreach $element (@nss_options) {
+       print file2 "$element\n";
+    }
+    close (file2);
+    daemon_log("wrote $nss_config", 5);
+    close (file1);
+    daemon_log("wrote $pam_config", 5);
+
+    # Create goto.secrets if told so - for compatibility reasons
+    if (defined $goto_admin){
+           open(file1, "> /etc/goto/secret");
+           close(file1);
+           chown(0,0, "/etc/goto/secret");
+           chmod(0600, "/etc/goto/secret");
+           open(file1, "> /etc/goto/secret");
+           print file1 "GOTOADMIN=\"$goto_admin\"\nGOTOSECRET=\"$goto_secret\"\n";
+           close(file1);
+           daemon_log("wrote /etc/goto/secret", 5);
+    }
+
+    
+
+    # Write shell based config
+    my $cfg_name= dirname($ldap_config)."/ldap-shell.conf";
+    open(file1, "> $cfg_name");
+    print file1 "LDAP_BASE=\"$ldap_base\"\n";
+    print file1 "ADMIN_BASE=\"$admin_base\"\n";
+    print file1 "DEPARTMENT=\"$department\"\n";
+    print file1 "UNIT_TAG=\"".(defined $unit_tag ? "$unit_tag" : "")."\"\n";
+    print file1 "UNIT_TAG_FILTER=\"".(defined $unit_tag ? "(gosaUnitTag=$unit_tag)" : "")."\"\n";
+    close(file1);
+    daemon_log("wrote $cfg_name", 5);
+
+    return;
+
+}
+
+
 sub create_passwd {
     my $new_passwd = "";
     for(my $i=0; $i<31; $i++) {
@@ -541,6 +691,45 @@ sub send_msg_hash2address {
 }
 
 
+sub send_msg_to_target {
+    my ($msg, $address, $encrypt_key, $msg_header) = @_ ;
+    my $error = 0;
+
+    if( $msg_header ) {
+        $msg_header = "'$msg_header'-";
+    }
+    else {
+        $msg_header = "";
+    }
+
+    # encrypt xml msg
+    my $crypted_msg = &encrypt_msg($msg, $encrypt_key);
+
+    # opensocket
+    my $socket = &open_socket($address);
+    if( !$socket ) {
+        daemon_log("cannot send ".$msg_header."msg to $address , host not reachable", 1);
+        $error++;
+    }
+    
+    if( $error == 0 ) {
+        # send xml msg
+        print $socket $crypted_msg."\n";
+
+        daemon_log("send ".$msg_header."msg to $address", 1);
+        daemon_log("message:\n$msg", 8);
+
+    }
+
+    # close socket in any case
+    if( $socket ) {
+        close $socket;
+    }
+
+    return;
+}
+
+
 sub open_socket {
     my ($PeerAddr, $PeerPort) = @_ ;
     if(defined($PeerPort)){
@@ -788,6 +977,8 @@ sub server_input {
         $error++;
     }
 
+    ######################
+    # process incoming msg
     if( $error == 0 ) {
         my $header = @{$msg_hash->{header}}[0];
         my $source = @{$msg_hash->{source}}[0];
@@ -797,19 +988,27 @@ sub server_input {
             daemon_log("found event '$header' at event-module '".$event_hash->{$header}."'", 5);
             no strict 'refs';
             $answer = &{$event_hash->{$header}."::$header"}($msg, $msg_hash);
-            if( $header eq "registered") {
-                $REGISTERED_FLAG = $answer;
-            } 
-        }
+         }
+#        else {
+#            # maybe header is a core function
+#            daemon_log("WARNING: no event assigned to msg $header", 5);
+#            if ($header eq 'new_ldap_config') { if ($ldap_enabled == 1) {&new_ldap_config($msg_hash)}}
+#            elsif ($header eq 'ping') { &got_ping($msg_hash) }
+#            elsif ($header eq 'wake_up') { &execute_event($msg_hash)}
+#            elsif ($header eq 'new_passwd') { &new_passwd()}
+#            elsif ($header eq 'compute_hardware') { &compute_hardware() }
+#            else { daemon_log("ERROR: no core function assigned to msg $header", 5) }
+#        }
+    }
+
+    ########
+    # answer
+    if( $answer ) {
+        if( $answer =~ "<header>registered</header>") {
+            $REGISTERED_FLAG = 0;
+        } 
         else {
-            # maybe header is a core function
-            daemon_log("WARNING: no event assigned to msg $header", 5);
-            if ($header eq 'new_ldap_config') { if ($ldap_enabled == 1) {&new_ldap_config($msg_hash)}}
-            elsif ($header eq 'ping') { &got_ping($msg_hash) }
-            elsif ($header eq 'wake_up') { &execute_event($msg_hash)}
-            elsif ($header eq 'new_passwd') { &new_passwd()}
-            elsif ($header eq 'compute_hardware') { &compute_hardware() }
-            else { daemon_log("ERROR: no core function assigned to msg $header", 5) }
+        &send_msg_to_address($answer, $server_address, $server_key);
         }
     }
 
@@ -827,7 +1026,7 @@ GetOptions("h|help" => \&usage,
 
 #  read and set config parameters
 &check_cmdline_param ;
-&read_configfile;
+&read_configfile($cfg_file, %cfg_defaults);
 &check_pid;
 
 
@@ -872,6 +1071,8 @@ $client_address = $client_ip.":".$client_port;
 
 # detect own ip and mac address
 my $network_interface= &get_interface_for_ip($client_ip);
+daemon_log("Mac address at this point: $client_mac_address", 1);
+daemon_log("Interface at this point: $network_interface", 1);
 $client_mac_address= &get_mac($network_interface);
 daemon_log("gosa-si-client ip address detected: $client_ip", 1);
 daemon_log("gosa-si-client mac address detected: $client_mac_address", 1);
GONICUS system administrator (SVN clone)